PRIVACY CODE
Last Update: June 13, 2018
This notice describes how the personal data of users consulting this website www.over-foil.com are processed in accordance with the General Data Protection Regulation (EU) 2016/679 GDPR (European Data Protection Regulation).
As a result of consulting this website, data relating to identified or identifiable natural persons may be processed.
For quicker access on a specific topic click on the following items, otherwise continue by scrolling down the page:
DATA CONTROLLER
LEGAL BASIS OF THE PROCESSING
TYPES OF DATA PROCESSED AND PURPOSE OF PROCESSING
Data provided voluntarily by the user - Contact Form and Registration Form
Data provided with specific consent by the user - Newsletter Service
Log files browsing the website
Collection of statistics data in aggregate form (Analytics)
Cookies to improve the browsing experience
Presence in Social Media - Facebook - Instagram
SUBJECTS TO WHOM PERSONAL DATA MAY BE COMMUNICATED
SECURITY MEASURES TAKEN
DATA SUBJECT'S RIGHT
LINKS TO OTHER WEBSITES
UPDATES TO THE PRIVACY POLICY
DATA CONTROLLER
The Data Controller for the processing of personal data is the company Over-All S.r.l. (referred to from now on as "Over-ALL" or the "Data Controller"), with administrative headquarters in 20044 Arese (MI), Via Monte Grappa 80/2. To contact the Controller use the Contact Form >> or use the e-mail address: amministrazione@over-all.com
LEGAL BASIS FOR PROCESSING
The personal data indicated on this page are processed by the Controller in order to execute a requested service such as the execution of a contract to which the data subject is a party or the execution of pre-contractual measures taken at the request of the same.
In the cases expressly indicated, the legal basis is the specific, unambiguous and freely given consent of the data subject, such as for subscription to the Newsletter.
Other data will be processed on the basis of the legitimate interest of the Data Controller expressly provided for in the GDPR such as: log files to ensure the security of this website, data for statistical analysis and the use of technical cookies to improve the user's browsing experience (Extended Cookie Policy).
​
TYPES OF DATA PROCESSED AND PURPOSES OF PROCESSING:
Data voluntarily provided by the user - Contact Form and Registration Form.
By filling in their data in the contact form or registration form (for example: first name, last name, address, telephone, e-mail), the user consents to their use in order to be able to download the certificates in the DOWNLOAD section or to respond to requests for information, quotes or any other request of yours. In case of failure to enter one or more mandatory data, the interested party will not be able to enjoy the requested service and/or the proper execution of the relationship.
The processing is carried out by means of computer and/or telematic tools, not excluding potential processing in paper mode.
The data are deposited on the Web server within the European Community, are processed at the headquarters of the Owner and in any other place where the parties involved in the processing are located, in compliance with the guidelines of the GDPR. They will be kept for as long as necessary to provide the requested service and to handle any disputes.
These data are not communicated or transmitted to third parties, unless the communication or transmission is strictly necessary to execute the requested service (for example: the transmission of data to agents and area dealers in case of product information request) or to execute obligations under laws or regulations or to give effect to requests of judicial authorities.
The legal basis legitimizing the processing is the execution of pre-contractual measures or the performance of a contract adopted at the request of the data subject.
​
Data provided with specific consent by the user - Newsletter Service
By filling in his/her data (e.g.: first name, last name, e-mail) in the Newsletter subscription form or by clicking on the appropriate box "Subscription to the Newslsetter", present in the contact form or in the registration form, the user specifically and unequivocally consents to the processing of his/her personal data for the periodical sending, by e-mail, of Newsletters and advertising material about the services and/or products offered by the Over-ALL company.
In case of failure to enter one or more mandatory data or failure to check the box "Newsletter Subscription", the user will not be able to enjoy the requested service.
The Over-ALL company newsletter is managed through the third-party MailUp platform. Subscribers' data (email address, first and last name) are stored on the MailUp platform (managed by the company MailUp S.p.A. based in Viale F. Restelli 1, 20124 Milan, Italy) and, periodically, in the backups of the Over-ALL company according to all security and confidentiality criteria.
The data collected may also be transferred abroad, to companies that are and are not part of the MailUp S.p.A. group, even outside the European Union in the forms and ways provided for by current regulations, guaranteeing in all cases an adequate level of protection. Personal data will never be used by MailUp S.p.A., disseminated or sold to third parties.
With the MailUp service, any spam activity is prohibited and punished with a penalty.
Antispam Policy - http://www.mailup.it/policy-antispam.htm
MailUp Privacy Policy : https://www.mailup.it/informativa-privacy/
The MailUp platform provides Over-ALL with statistical tracking systems (e.g. web beacons), which allows to detect the opening of a message, clicks made on hyperlinks contained within the email, from which IP address or with which type of browser the email is opened, and other similar details. The collection of such data is functional to the use of the platform and is an integral part of the functionality of the message delivery system.
This data will be processed based on the legitimate interest of the Data Controller expressly provided for in the GDPR.
Over-ALL uses this data for statistical purposes to improve the quality of its Newsletters.
Users have the option to unsubscribe from the Newsletter at any time (to stop receiving messages from Over-ALL) by following the instructions and the link found at the bottom of each message (Newsletter). After unsubscribing, the MailUp platform will still maintain the list of unsubscribers to prevent you from being able to force them back into the mailing list. If you wish to be permanently unsubscribed from the unsubscribed list as well, please contact the Owner to arrange for manual unsubscription.
Log files browsing the website
For the management of technical administrative operations of computer systems, diagnosis of any technical problems and prevention of intrusion and abuse of the service, the following data are collected automatically from all visitors accessing this site: date and time of visit; IP address; operating system used; type of browser and parameters of the device used to connect to the site; web page visited by the visitor.
This data is not accompanied by any additional personal information and is never used for user identification or profiling, but only for the purpose of protecting the site and its users and will be processed according to the legitimate interest of the Data Controller expressly provided by the GDPR.
Log files are stored on Web servers within the European Community and processed by our WebHosting provider in compliance with GDPR guidelines and freedom of choice. This data is not subjected to any exclusively automated decision-making process, including profiling, that produces legal effects concerning the data subject or that may affect said natural persons in a significantly similar way.
Log files are archived for a maximum of 7 days and then deleted. Data, the further retention of which is required for evidentiary purposes, will be exempted from deletion until final clarification of the incident.
Collection of statistics data in aggregate form (Analytics)
When browsing this website, information about access to the website, number of users, IP address, operating system used; type of browser and device parameters used, visitor's origin web page, web pages visited and exit web page are collected automatically and in aggregate form.
These data are never used for user identification or profiling, but are used, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to monitor its regular operation. Such data will be processed based on the legitimate interest of the Data Controller expressly provided for in the GDPR.
The statistics service is placed on the same Web server as this website within the European Community in compliance with GDPR guidelines and freedom of choice. This data is not subject to any exclusively automated decision-making process, including profiling, that produces legal effects concerning the data subject or that may affect said natural persons in a significantly similar way.
For more information on data use, please see the Google Analytics Privacy Policy: https://policies.google.com/privacy?hl=it
Cookies to improve the browsing experience
A cookie is a small text string that is downloaded to your computer, through your browser, when you access certain websites. Cookies make it possible to recognize preferences expressed by a user during previous browsing. A cookie itself does not contain or collect personal data however, it can help a website offer easier access, for example, by remembering previous purchases or account details.
There are different types of cookies. Some are necessary to be able to navigate the site, others have different purposes.
For more information on the use of cookies or other tracking technologies, see the Extended Cookie Policy for more details >>
​
​
Presence in Social Media
Over-ALL has a presence within Social Media platforms, such as Facebook and Instagram, to communicate with customers, potential customers, suppliers, partners, and users.
The terms, conditions and privacy policy of the respective operators apply to the processing of personal data carried out through Social Media platforms.
Unless otherwise stated in this Privacy Policy, the data of users registered on the various Social platforms will be processed on those platforms when they communicate with Over-ALL within the platform itself by responding to comments/questions on posts or private messages sent also through the Social platform.All of these platforms store data in the cloud on servers that may reside outside the EU and use their own cookies to recognize the user after logging into their Social account. If a user connected to the Social platform communicates through the official Over-ALL Social page, comments, likes, subscriptions, shares, and statistical data are saved and stored on it and made available to Over-ALL.
Over-ALL uses such data to respond to user demand, to maintain a privileged relationship with its subscribers, and to improve its services, products, and offers based on statistical data on subscribers' behavior within the Social platform (e.g., number of likes, shares on posts, post coverage).
This data will be processed based on the legitimate interest of the Data Controller expressly provided for in the GDPR.
FACEBOOK PAGE:
Over-ALL operates a fanpage on the Facebook platform at the following address : https://www.facebook.com/overallsrl/
The activities performed by members on the Facebook platform, are stored on the servers of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 in Ireland.
The company "Facebook Ireland Ltd." is certified under the "Privacy Shield Agreement," which provides a guarantee to comply with the European Data Protection Act.
To learn about the purpose and purpose of the data collected and Facebook's further processing and use of the data, as well as related rights and setting options to protect users' privacy, can be found in the following Facebook Privacy Policy >>
It is possible to change the settings regarding the use of personal data for promotional purposes within the Facebook profile settings (https://www.facebook.com/settings?tab=ads ) or through the following European page : http://www.youronlinechoices.com/ or through the American page: http://www.aboutads.info/choices/.
SUBJECTS TO WHOM PERSONAL DATA MAY BE DISCLOSED
The data may be disclosed:
To staff of the company as data processors and processors for the management of the files of the requested service. The staff is duly trained in personal data security and the right to privacy.
to subjects whose task is to provide for the maintenance, repair, development, updating and assistance of this website, in compliance with the regulations in force in Italy regarding Privacy, such as: providers of WebHosting and e-mail services, Web Agencies and IT Companies located in Europe. The same will operate for purposes strictly related to the activity to be carried out.
to parties who are granted the right to access personal data by law or secondary and/or EU regulations.
at the MailUp platform for the management of the Newsletter service. The first name, last name and email address provided by the data subject are stored on the MailUp platform in compliance with Regulation (EU) 2016/679 (Privacy Policy).
​
SECURITY MEASURES TAKEN
The personal data processed are protected through appropriate security measures suitable for ensuring their confidentiality and integrity.
In particular, Over-ALL takes appropriate organizational, procedural and technical measures to prevent data loss, data theft, unlawful use as well as unauthorized disclosure or modification.
The disclosure of personal data to third parties for the purposes listed above, is made only after ensuring that our trusted partners take appropriate technical and operational security measures to protect personal data and that they are in line with Italian and European data protection legislation.
DATA SUBJECT'S RIGHT
The data subject always has the right to request from the Data Controller:
access to his/her personal data in a structured, commonly used and machine-readable format and where technically feasible;
information about the logic, methods and purposes of the processing;
the updating, rectification, integration, cancellation or transformation into anonymous form or blocking of the same;
the restriction of the processing concerning him/her or the possibility to object to the processing in whole or in part;
-
data portability (this provision is applicable when the data are processed by automated means and the processing is based on the user's consent, a contract to which the user is a party or contractual measures related thereto).
-
In addition to this, the data subject may:
-
revoke consent to the processing at any time without affecting the lawfulness of the processing based on the consent given before revocation;
-
object to automated decision-making, including profiling, which shall not be subject to any automated decision-making process;
-
to lodge a complaint with the relevant data protection supervisory authority (Contact Form >>), as provided for in Article 77 of the Regulation, or to take appropriate legal action.
-
Any requests for deletion of data are subject to existing legal and record-keeping obligations that are imposed by statutory or regulatory requirements.
-
In order to exercise the rights listed above, the interested party should address a written request to: Over-All S.r.l. - Via Monte Grappa 80/2 - 20044 Arese (MI) or via the Contact Form >>.
-
In the communication, please indicate your name, postal address and e-mail address, in order to be able to properly handle the request.
LINKS TO OTHER WEBSITES
Links (links) to other third party websites on this website are provided solely for the convenience of the user. Their inclusion does not imply any form of involvement (agreements or contracts entered into with third parties) or liability on the part of the Over-ALL firm and therefore are not covered by the terms of this Privacy Policy.
The sites to which these links refer are not under the control of the Over-ALL company, which is not responsible for their content or any other links contained therein or for the processing of personal data carried out, any changes or updates to these websites.
UPDATES TO THE PRIVACY POLICY
The Data Controller reserves the right to make changes to this privacy policy at any time, including those related to the possible entry into force of new regulations, the updating or provision of new services or technological innovations, by informing users on this page or by e-mail if the changes affect processing whose legal basis is specific consent such as subscription to the Newsletter
Please check this page regularly, referring to the date indicated in "Last Updated" at the top of the page. Any changes will take effect when the new version of the Privacy Policy is posted.
​
​
​